ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks toward script-driven sites by employing security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and protect even websites which are not updated on a regular basis. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the minute it discovers them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally keeps a very detailed log of all attack attempts which contains more info than standard Apache logs, so you can later examine the data and take additional measures to boost the security of your sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity is offered with each cloud hosting solution that we offer and it's activated by default for any domain or subdomain which you include via your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for some reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You could also activate a passive mode, so the firewall will recognize potential attacks and maintain a log, but won't take any action. You could see detailed logs in the very same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a group of commercial firewall rules combined with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you opt to host your sites with us, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains which you include using your hosting CP. If needed, you could disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent potential attacks against your Internet sites. In depth logs will be readily available within your CP and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We employ two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our admins often add to respond to newly identified risks promptly.
ModSecurity in VPS Servers
All VPS servers that are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the web server, so there shall not be anything special which you shall have to do to protect your websites. It shall take you a click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any actions to prevent intrusions. You'll be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to handle it, and so forth. We use a combination of commercial and custom rules in order to make sure that ModSecurity shall prevent as many risks as possible, thus boosting the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting CP include ModSecurity, so any program which you upload or install shall be properly secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you will find in the logs shall enable you to to secure your sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see if a site needs an update, whether you should block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well when they find a new threat that is not yet included in the commercial bundle.